Linux/tftp-hpa
< Linux
Website:
https://git.kernel.org/pub/scm/network/tftp/tftp-hpa.git/
Get the client for testing:
apt install tftp
Get xinetd wrapper
apt install xinetd
git clone https://git.kernel.org/pub/scm/network/tftp/tftp-hpa.git cd tftp-hpa bash autogen.sh # ./configure ./configure --prefix=/opt/tftp-hpa make make install
mkdir /tftp
/etc/xinetd.d/tftp:
service tftp { socket_type = dgram protocol = udp wait = yes user = root #group = tftp port = 69 server = /opt/tftp-hpa/sbin/in.tftpd server_args = -vvv --create --user tftp --secure /tftp --map-file /etc/tftpd.map --refuse blksize #server_args = -vvv -s /tftp -m /etc/tftpd.map -r blksize #server_args = --verbose -u tftp -s /tftp -r blksize disable = no }
adduser tftp
tftp:x:1001:1001:TFTP User:/tftp:
chown tftp:tftp /tftp
/etc/tftpd.map:
# Convert backslashes to slashes rg \\ /
service xinetd stop service xinetd start
More Complete Map File
# # Rule file for the -m (remapping option) # # This file has three fields: operation, regex, remapping # # The operation is a combination of the following letters: # # r - rewrite the matched string with the remapping pattern # i - case-insensitive matching # g - repeat until no match (used with "r") # e - exit (with success) if we match this pattern, do not process # subsequent rules # s - start over from the first rule if we match this pattern # a - abort (refuse the request) if we match this rule # G - this rule applies to TFTP GET requests only # P - this rule applies to TFTP PUT requests only # # The regex is a regular expression in the style of egrep(1). # # The remapping is a pattern, all characters are verbatim except \ # \0 copies the full string that matched the regex # \1..\9 copies the 9 first (..) expressions in the regex # \\ is an escaped \ # See http://linux.die.net/man/8/tftpd for more info. # # "#" begins a comment, unless \-escaped # ri ^[a-z]: # Remove "drive letters" rg \\ / # Convert backslashes to slashes rg ([A-Z]) \L\1 # Convert uppercase to lowercase rg \# @ # Convert hash marks to @ signs rg /../ /..no../ # Convert /../ to /..no../ e ^ok/ # These are always ok r ^[^/] /\0 # Convert non-absolute files a \.pvt$ # Reject requests for private files
ref: https://github.com/jumanjihouse/docker-tftp-hpa/blob/master/src/mapfile
keywords
tftp tftpd tftp-hpa